$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/82456ff2-f8c4-4c5a-9458-82d909f83f7d.roa File: 82456ff2-f8c4-4c5a-9458-82d909f83f7d.roa (raw, json) Hash identifier: KMb6C1MgOX5dzF/YLbSYl1NejBgG7XXK4kxmU/GlL+A= Subject key identifier: 92:E7:C1:05:ED:E4:6D:65:B5:0A:53:13:07:6C:AB:78:CA:54:A2:39 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 2CEE6E4206F869B3C14B7992C821113E59F37961 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/82456ff2-f8c4-4c5a-9458-82d909f83f7d.roa Signing time: Sat 02 Aug 2025 00:00:09 +0000 ROA not before: Sat 02 Aug 2025 00:00:09 +0000 ROA not after: Sat 06 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.196.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 15:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:ee:6e:42:06:f8:69:b3:c1:4b:79:92:c8:21:11:3e:59:f3:79:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Aug 2 00:00:09 2025 GMT Not After : Sep 6 23:59:59 2025 GMT Subject: serialNumber=7a1e9b4cb69f15616ccdd396a3cb4fc10b2f2e9afa1bf45332370647c9062592, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:8d:97:c9:43:92:6f:a8:e8:d6:b5:91:35:72: 76:84:79:c8:ae:54:81:50:a2:c0:21:1a:85:97:51: 68:8f:a9:1b:0b:24:7f:64:27:f3:7d:43:1a:05:b7: 02:e1:d8:dc:b9:ac:66:d9:b3:93:b7:ac:10:67:c6: 04:76:1b:7d:e7:54:54:a8:0b:2f:bf:94:af:ac:29: 44:b3:8f:70:a6:59:8e:6e:f4:db:25:b9:05:58:4b: 7f:ef:64:50:e5:2b:88:32:8b:49:6b:6e:9c:a9:57: 35:ce:09:07:9f:26:73:a6:5e:34:49:f9:2e:48:69: a2:fa:30:53:19:84:ae:44:3c:0c:be:3b:6f:82:e6: d7:dd:95:dd:a1:ad:0d:11:7d:33:60:20:e2:65:33: 2e:7c:c3:c5:6a:94:a0:e4:3e:ee:0f:d9:a2:f9:e9: c2:9f:1f:23:63:d2:0f:cd:78:dd:15:3e:e6:0e:fd: 4b:6b:25:fe:ba:e6:9a:3c:4f:94:9a:dc:99:1b:92: 83:69:06:61:bd:de:4e:8f:8a:51:08:5d:0e:94:bf: a1:9c:e1:ed:79:e7:9d:66:4d:f1:c0:fc:49:3c:48: 79:af:88:bd:43:97:a5:2b:5d:3f:20:11:b4:9e:8c: 5e:a2:29:0d:05:4a:0e:69:8e:4d:68:00:ee:08:f2: 3c:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:E7:C1:05:ED:E4:6D:65:B5:0A:53:13:07:6C:AB:78:CA:54:A2:39 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/82456ff2-f8c4-4c5a-9458-82d909f83f7d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.196.0/22 Signature Algorithm: sha256WithRSAEncryption 16:b5:f7:9a:70:6d:68:7d:ab:2d:6b:11:f8:6e:5f:e4:9d:b2: 6f:c9:87:1e:39:3a:dd:e5:7b:b7:1e:f3:5f:d8:5a:3a:e8:19: 2f:9f:1f:8f:e8:72:cf:e2:0e:34:ba:00:33:cb:64:5d:c5:12: 03:38:b6:26:a4:0d:b3:5f:f6:63:f0:3a:06:d9:30:8a:9b:36: 31:72:e2:55:8f:aa:d7:a1:6c:cb:ed:a9:c2:c9:5a:41:e3:f3: dc:24:1d:da:0a:f7:1f:d3:6b:20:ea:98:fd:92:0e:c7:03:4c: 2b:8a:89:0c:ee:f5:0e:7c:9e:bb:af:84:c5:ac:03:8a:bc:2e: 5f:69:78:47:ef:40:e0:bd:f3:4e:e2:a3:e5:6f:ab:1a:28:a8: 28:6f:4d:91:34:31:68:30:af:70:e5:c6:2c:c4:8a:71:83:3e: 15:c4:d8:35:e3:17:ba:5a:64:16:b7:41:29:b6:0d:62:a9:c4: 8c:d4:55:9d:c9:11:7e:a7:28:91:ff:e0:42:e4:54:3e:d8:19: ec:be:eb:5b:30:c7:5a:0d:5a:0d:98:a6:05:11:b2:79:09:d8: ee:9e:bf:18:0b:a6:26:4e:d3:16:58:e9:8f:a9:52:71:fa:05: 7d:56:f7:84:a2:5b:d4:31:0d:8f:af:72:41:00:8e:2a:2f:9d: ae:f9:d7:29 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIULO5uQgb4abPBS3mSyCERPlnzeWEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDgwMjAwMDAwOVoX DTI1MDkwNjIzNTk1OVowejFJMEcGA1UEBRNAN2ExZTliNGNiNjlmMTU2MTZjY2Rk Mzk2YTNjYjRmYzEwYjJmMmU5YWZhMWJmNDUzMzIzNzA2NDdjOTA2MjU5MjEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA142XyUOSb6jo1rWRNXJ2hHnIrlSB UKLAIRqFl1Foj6kbCyR/ZCfzfUMaBbcC4djcuaxm2bOTt6wQZ8YEdht951RUqAsv v5SvrClEs49wplmObvTbJbkFWEt/72RQ5SuIMotJa26cqVc1zgkHnyZzpl40Sfku SGmi+jBTGYSuRDwMvjtvgubX3ZXdoa0NEX0zYCDiZTMufMPFapSg5D7uD9mi+enC nx8jY9IPzXjdFT7mDv1LayX+uuaaPE+UmtyZG5KDaQZhvd5Oj4pRCF0OlL+hnOHt eeedZk3xwPxJPEh5r4i9Q5elK10/IBG0noxeoikNBUoOaY5NaADuCPI8FwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFJLnwQXt5G1ltQpTEwdsq3jKVKI5MB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzgyNDU2ZmYyLWY4YzQtNGM1YS05NDU4LTgyZDkwOWY4M2Y3ZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCrynEMA0GCSqGSIb3DQEBCwUAA4IBAQAWtfeacG1ofastaxH4bl/k nbJvyYceOTrd5Xu3HvNf2Fo66Bkvnx+P6HLP4g40ugAzy2RdxRIDOLYmpA2zX/Zj 8DoG2TCKmzYxcuJVj6rXoWzL7anCyVpB4/PcJB3aCvcf02sg6pj9kg7HA0wriokM 7vUOfJ67r4TFrAOKvC5faXhH70DgvfNO4qPlb6saKKgob02RNDFoMK9w5cYsxIpx gz4VxNg14xe6WmQWt0Eptg1iqcSM1FWdyRF+pyiR/+BC5FQ+2BnsvutbMMdaDVoN mKYFEbJ5Cdjunr8YC6YmTtMWWOmPqVJx+gV9VveEolvUMQ2Pr3JBAI4qL52u+dcp -----END CERTIFICATE-----Generated at Mon Aug 4 22:21:39 2025 by rpki-client